The unzip function in ZipUtil.java in Hutool prior to 4.1.12 allows remote malicious users to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hutool hutool |